I have a couple of questions regarding what programs are part of the Windows System and Updater Applications file groups. I’m asking because, I removed them from the application rules so I can set all the rules for those file groups myself. I want to know all the programs that are part of those file groups so I can manually add them and tweak the rules myself.
I’m asking this question because, when I removed Windows Updater Applications from my rules, I assumed when I went to Windows Update, that my firewall would show a notification for Windows Updater saying its trying to access the internet. But to my surprise, it just let it out without asking. I have my alerts set on very high, so I should see everything that goes in and out of my computer. (I just recently installed CIS 6, so maybe its a bug that just lets file groups out even if you delete them from application rules).
So what I’m wondering is, what are all the programs that are under the Windows System and Updater Application file groups so I can go and manually add them myself and set up the rules accordingly? I see that if you have Endpoint Protection, you can go to “My File Groups” and expand each file group which will tell you what applications are in each file group. If someone could post all the applications to the Windows System and Updater file groups, it would save me alot of time having to wait for each one of those applications to get triggered and add them slowly overtime.
Nevermind, I finally found where the file group information is located. It is located under HIPS Rules. It turns out that after I deleted the Windows System and Updater Applications file groups, I got messages from svchost.exe and explore.exe and so on. So it actually did work. I just like to set up rules for all my programs individually so I have more control over each program.